Threat Intelligence Engineer
To see similar active jobs please follow this link: Remote Development jobs
An overview of this role
Whether you're an intermediate engineer with strong threat intelligence experience or a seasoned senior, we're looking for our first dedicated Threat Intelligence Engineer. You'll be joining a program in its early stages, built on a solid foundation by current members of our Security Operations team.
Your mission will be to provide actionable intelligence that empowers GitLab to make informed, proactive decisions about security. We want to get in front of threats before they materialize - using intelligence to see around corners and anticipate the next attack.
We'll rely on your strong hands-on technical skills to monitor our unique threat landscape, focusing on credible threats to GitLab and the software supply chain. You'll leverage your Linux and Python expertise as a force multiplier, expanding our capabilities through automation and AI. Additionally, you'll build meaningful relationships with industry peers, sharing intelligence and contributing to the industry as a whole.
As the founding member of this new team, you'll help us refine our processes and iterate towards a more mature threat intelligence program. We've laid the groundwork with reporting templates, metrics for success, tooling, feeds, and industry connections. Now we need you to put this framework into action - uncovering real-world attacks, making attributions, and building a thriving intel-sharing community.
You'll be supported by Security Operations engineers who dedicate a portion of their time to threat intelligence. We'll encourage you to collaborate across security, infrastructure, and product teams to help keep our customers, platform, and organization secure.
If you're excited about shaping the future of threat intelligence at GitLab, we want to hear from you!
What You’ll Do
Monitor the threat landscape, identifying and analyzing the risks most relevant to GitLab.
Deliver actionable intelligence via recurring Threat Insights and ad-hoc Flash Reports.
Collaborate on Threat Actor Tracking, helping us stay one step ahead of our top threats.
Collaborate on Purple Team Flash Operations, where emerging threats are turned into collaborative exercises to rapidly improve our defensive capabilities.
Build meaningful relationships with industry peers, sharing intelligence and collaborating on emerging threats.
Write code, leverage AI, and build automation to improve process efficiencies on the team.
What You’ll Bring
Proven track record of delivering actionable intelligence that has had a meaningful impact on the security of an organization.
Experience with MITRE ATT&CK framework and its application in threat analysis.
Experience working with a Threat Intelligence Platform (TIP) and threat feeds.
Experience researching adversaries using OSINT techniques.
Ability to automate tasks by writing basic scripts/programs, preferably with Python
Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner
Optional but valuable: experience reverse engineering malware
Optional but valuable: public examples of blogs or open-source work related to threat intelligence
About the team
This role will be the first member on a new team with the Security Operations department. You will report to a Security Manager based out of Australia, who also runs our Red Team.
Security Operations includes SIRT, Trust & Safety, Red Team, and Security Logging.
How GitLab will support you
All remote, asynchronous work environment
Home office support
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.
About the job
Threat Intelligence Engineer
To see similar active jobs please follow this link: Remote Development jobs
An overview of this role
Whether you're an intermediate engineer with strong threat intelligence experience or a seasoned senior, we're looking for our first dedicated Threat Intelligence Engineer. You'll be joining a program in its early stages, built on a solid foundation by current members of our Security Operations team.
Your mission will be to provide actionable intelligence that empowers GitLab to make informed, proactive decisions about security. We want to get in front of threats before they materialize - using intelligence to see around corners and anticipate the next attack.
We'll rely on your strong hands-on technical skills to monitor our unique threat landscape, focusing on credible threats to GitLab and the software supply chain. You'll leverage your Linux and Python expertise as a force multiplier, expanding our capabilities through automation and AI. Additionally, you'll build meaningful relationships with industry peers, sharing intelligence and contributing to the industry as a whole.
As the founding member of this new team, you'll help us refine our processes and iterate towards a more mature threat intelligence program. We've laid the groundwork with reporting templates, metrics for success, tooling, feeds, and industry connections. Now we need you to put this framework into action - uncovering real-world attacks, making attributions, and building a thriving intel-sharing community.
You'll be supported by Security Operations engineers who dedicate a portion of their time to threat intelligence. We'll encourage you to collaborate across security, infrastructure, and product teams to help keep our customers, platform, and organization secure.
If you're excited about shaping the future of threat intelligence at GitLab, we want to hear from you!
What You’ll Do
Monitor the threat landscape, identifying and analyzing the risks most relevant to GitLab.
Deliver actionable intelligence via recurring Threat Insights and ad-hoc Flash Reports.
Collaborate on Threat Actor Tracking, helping us stay one step ahead of our top threats.
Collaborate on Purple Team Flash Operations, where emerging threats are turned into collaborative exercises to rapidly improve our defensive capabilities.
Build meaningful relationships with industry peers, sharing intelligence and collaborating on emerging threats.
Write code, leverage AI, and build automation to improve process efficiencies on the team.
What You’ll Bring
Proven track record of delivering actionable intelligence that has had a meaningful impact on the security of an organization.
Experience with MITRE ATT&CK framework and its application in threat analysis.
Experience working with a Threat Intelligence Platform (TIP) and threat feeds.
Experience researching adversaries using OSINT techniques.
Ability to automate tasks by writing basic scripts/programs, preferably with Python
Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner
Optional but valuable: experience reverse engineering malware
Optional but valuable: public examples of blogs or open-source work related to threat intelligence
About the team
This role will be the first member on a new team with the Security Operations department. You will report to a Security Manager based out of Australia, who also runs our Red Team.
Security Operations includes SIRT, Trust & Safety, Red Team, and Security Logging.
How GitLab will support you
All remote, asynchronous work environment
Home office support
Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application.